From 8f1755f3052d8230338eab189ea3340687b5c1da Mon Sep 17 00:00:00 2001 From: Florian Stadler Date: Thu, 8 Aug 2024 19:54:07 +0200 Subject: [PATCH] Schematize lambda.CallbackFunction overlay and add docs for it (#4352) --- provider/cmd/pulumi-resource-aws/schema.json | 412 +++++++++++++++++ provider/overlays.go | 191 ++++++++ .../pkg/overlays/examples/callbackFunction.md | 259 +++++++++++ provider/resources.go | 392 +---------------- provider/types.go | 416 ++++++++++++++++++ 5 files changed, 1281 insertions(+), 389 deletions(-) create mode 100644 provider/overlays.go create mode 100644 provider/pkg/overlays/examples/callbackFunction.md create mode 100644 provider/types.go diff --git a/provider/cmd/pulumi-resource-aws/schema.json b/provider/cmd/pulumi-resource-aws/schema.json index cc223a7be0c..db0a32d7ff9 100644 --- a/provider/cmd/pulumi-resource-aws/schema.json +++ b/provider/cmd/pulumi-resource-aws/schema.json @@ -88365,6 +88365,34 @@ }, "type": "object" }, + "aws:lambda/CodePathOptions:CodePathOptions": { + "description": "Options to control which paths/packages should be included or excluded in the zip file containing the code for the AWS lambda.", + "properties": { + "extraExcludePackages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Packages to explicitly exclude from the Assets for a serialized closure. This can be used when clients want to trim down the size of a closure, and they know that some package won't ever actually be needed at runtime, but is still a dependency of some package that is being used at runtime." + }, + "extraIncludePackages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Extra packages to include when producing the Assets for a serialized closure. This can be useful if the packages are acquired in a way that the serialization code does not understand. For example, if there was some sort of module that was pulled in based off of a computed string." + }, + "extraIncludePaths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Local file/directory paths that should be included when producing the Assets for a serialized closure." + } + }, + "type": "object", + "isOverlay": true + }, "aws:lambda/CodeSigningConfigAllowedPublishers:CodeSigningConfigAllowedPublishers": { "properties": { "signingProfileVersionArns": { @@ -281626,6 +281654,390 @@ "type": "object" } }, + "aws:lambda/callbackFunction:CallbackFunction": { + "description": "A CallbackFunction is a special type of `aws.lambda.Function` that can be created out of an actual JavaScript function instance. The Pulumi compiler and runtime work in tandem to extract your function, package it up along with its dependencies, upload the package to AWS Lambda, and configure the resulting AWS Lambda resources automatically.\n\nThe JavaScript function may capture references to other variables in the surrounding code, including other resources and even imported modules. The Pulumi compiler figures out how to serialize the resulting closure as it uploads and configures the AWS Lambda. This works even if you are composing multiple functions together.\n\nSee [Function Serialization](https://www.pulumi.com/docs/concepts/inputs-outputs/function-serialization/) for additional details on this process.\n\n### Lambda Function Handler\n\nYou can provide the JavaScript function used for the Lambda Function's Handler either directly by setting the `callback` input property or instead specify the `callbackFactory`, which is a Javascript function that will be called to produce the callback function that is the entrypoint for the AWS Lambda.\nUsing `callbackFactory` is useful when there is expensive initialization work that should only be executed once. The factory-function will be invoked once when the final AWS Lambda module is loaded. It can run whatever code it needs, and will end by returning the actual function that Lambda will call into each time the Lambda is invoked.\n\nIt is recommended to use an async function, otherwise the Lambda execution will run until the `callback` parameter is called and the event loop is empty. See [Define Lambda function handler in Node.js](https://docs.aws.amazon.com/lambda/latest/dg/nodejs-handler.html) for additional details.\n\n### Lambda Function Permissions\n\nIf neither `role` nor `policies` is specified, `CallbackFunction` will create an IAM role and automatically use the following managed policies:\n- `AWSLambda_FullAccess`\n- `CloudWatchFullAccessV2`\n- `CloudWatchEventsFullAccess`\n- `AmazonS3FullAccess`\n- `AmazonDynamoDBFullAccess`\n- `AmazonSQSFullAccess`\n- `AmazonKinesisFullAccess`\n- `AWSCloudFormationReadOnlyAccess`\n- `AmazonCognitoPowerUser`\n- `AWSXrayWriteOnlyAccess`\n\n### Customizing Lambda function attributes\n\nThe Lambdas created by `aws.lambda.CallbackFunction` use reasonable defaults for CPU, memory, IAM, logging, and other configuration.\nShould you need to customize these settings, the `aws.lambda.CallbackFunction` resource offers all of the underlying AWS Lambda settings.\n\nFor example, to increase the RAM available to your function to 256MB:\n\n```typescript\nimport * as aws from \"@pulumi/aws\";\n\n// Create an AWS Lambda function with 256MB RAM\nconst lambda = new aws.lambda.CallbackFunction(\"docsHandlerFunc\", {\n callback: async(event: aws.s3.BucketEvent) =\u003e {\n // ...\n },\n\n memorySize: 256 /* MB */,\n});\n```\n\n### Adding/removing files from a function bundle\n\nOccasionally you may need to customize the contents of function bundle before uploading it to AWS Lambda --- for example, to remove unneeded Node.js modules or add certain files or folders to the bundle explicitly. The `codePathOptions` property of `CallbackFunction` allows you to do this.\n\nIn this example, a local directory `./config` is added to the function bundle, while an unneeded Node.js module `mime` is removed:\n\n```typescript\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\nconst lambda = new aws.lambda.CallbackFunction(\"docsHandlerFunc\", {\n callback: async(event: aws.s3.BucketEvent) =\u003e {\n // ...\n },\n\n codePathOptions: {\n\n // Add local files or folders to the Lambda function bundle.\n extraIncludePaths: [\n \"./config\",\n ],\n\n // Remove unneeded Node.js packages from the bundle.\n extraExcludePackages: [\n \"mime\",\n ],\n },\n});\n```\n\n### Using Lambda layers {#lambda-layers}\n\n[Lambda layers](https://docs.aws.amazon.com/lambda/latest/dg/chapter-layers.html) allow you to share code, configuration, and other assets across multiple Lambda functions. At runtime, AWS Lambda extracts these files into the function's filesystem, where you can access their contents as though they belonged to the function bundle itself.\n\nLayers are managed with the [`aws.lambda.LayerVersion`](/registry/packages/aws/api-docs/lambda/layerversion/) resource, and you can attach them to as many `lambda.Function` or `lambda.CallbackFunction` resources as you need using the function's `layers` property. Here, the preceding program is updated to package the `./config` folder as a Lambda layer instead:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as fs from \"fs\";\n\n// Create a Lambda layer containing some shared configuration.\nconst configLayer = new aws.lambda.LayerVersion(\"config-layer\", {\n layerName: \"my-config-layer\",\n\n // Use a Pulumi AssetArchive to zip up the contents of the folder.\n code: new pulumi.asset.AssetArchive({\n \"config\": new pulumi.asset.FileArchive(\"./config\"),\n }),\n});\n\nconst lambda = new aws.lambda.CallbackFunction(\"docsHandlerFunc\", {\n callback: async(event: aws.s3.BucketEvent) =\u003e {\n // ...\n },\n\n // Attach the config layer to the function.\n layers: [\n configLayer.arn,\n ],\n});\n```\n\nNotice the path to the file is now `/opt/config/config.json` --- `/opt` being the path at which AWS Lambda extracts the contents of a layer. The configuration layer is now manageable and deployable independently of the Lambda itself, allowing changes to be applied immediately across all functions that use it.\n\n#### Using layers for Node.js dependencies\n\nThis same approach can be used for sharing Node.js module dependencies. When you package your dependencies [at the proper path](https://docs.aws.amazon.com/lambda/latest/dg/packaging-layers.html) within the layer zip file, (e.g., `nodejs/node_modules`), AWS Lambda will unpack and expose them automatically to the functions that use them at runtime. This approach can be useful in monorepo scenarios such as the example below, which adds a locally built Node.js module as a layer, then references references the module from within the body of a `CallbackFunction`:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a layer containing a locally built Node.js module.\nconst utilsLayer = new aws.lambda.LayerVersion(\"utils-layer\", {\n layerName: \"utils\",\n code: new pulumi.asset.AssetArchive({\n\n // Store the module under nodejs/node_modules to make it available\n // on the Node.js module path.\n \"nodejs/node_modules/@my-alias/utils\": new pulumi.asset.FileArchive(\"./layers/utils/dist\"),\n }),\n});\n\nconst lambda = new aws.lambda.CallbackFunction(\"docsHandlerFunc\", {\n callback: async (event: aws.s3.BucketEvent) =\u003e {\n\n // Import the module from the layer at runtime.\n const { sayHello } = await import(\"@my-alias/utils\");\n\n // Call a function from the utils module.\n console.log(sayHello());\n },\n\n // Attach the utils layer to the function.\n layers: [\n utilsLayer.arn,\n ],\n});\n```\n\nNotice the example uses the module name `@my-alias/utils`. To make this work, you'll need to add a few lines to your Pulumi project's `tsconfig.json` file to map your chosen module name to the path of the module's TypeScript source code:\n\n```javascript\n{\n \"compilerOptions\": {\n // ...\n \"baseUrl\": \".\",\n \"paths\": {\n \"@my-alias/utils\": [\n \"./layers/utils\"\n ]\n }\n },\n // ...\n}\n```\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic Lambda Function\n\n```typescript\nimport * as aws from \"@pulumi/aws\";\n\n// Create an AWS Lambda function that fetches the Pulumi website and returns the HTTP status\nconst lambda = new aws.lambda.CallbackFunction(\"fetcher\", {\n callback: async(event) =\u003e {\n try {\n const res = await fetch(\"https://www.pulumi.com/robots.txt\");\n console.info(\"status\", res.status);\n return res.status;\n }\n catch (e) {\n console.error(e);\n return 500;\n }\n },\n});\n```\n{{% /example %}}\n\n{{% example %}}\n### Lambda Function with expensive initialization work\n\nThis creates a RESTful API using the Express Framework. Initializing the middleware is an expensive operation. In order to only do that when a\nfunction instance first starts (i.e. cold start) the `callbackFactory` property is used.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as express from \"express\";\nimport * as serverlessExpress from \"aws-serverless-express\";\nimport * as middleware from \"aws-serverless-express/middleware\";\n\nconst lambda = new aws.lambda.CallbackFunction\u003cany, any\u003e(\"mylambda\", {\n callbackFactory: () =\u003e {\n const app = express();\n app.use(middleware.eventContext());\n let ctx;\n\n app.get(\"/\", (req, res) =\u003e {\n console.log(\"Invoked url: \" + req.url);\n\n fetch('https://www.pulumi.com/robots.txt').then(resp =\u003e {\n res.json({\n message: \"Hello, world!\\n\\nSucceeded with \" + ctx.getRemainingTimeInMillis() + \"ms remaining.\",\n fetchStatus: resp.status,\n fetched: resp.text(),\n });\n });\n });\n\n const server = serverlessExpress.createServer(app);\n return (event, context) =\u003e {\n console.log(\"Lambda invoked\");\n console.log(\"Invoked function: \" + context.invokedFunctionArn);\n console.log(\"Proxying to express\");\n ctx = context;\n serverlessExpress.proxy(server, event, \u003cany\u003econtext);\n }\n }\n});\n```\n{{% /example %}}\n\n{{% example %}}\n### API Gateway Handler Function\n```typescript\nimport * as apigateway from \"@pulumi/aws-apigateway\";\nimport { APIGatewayProxyEvent, Context } from \"aws-lambda\";\n\nconst api = new apigateway.RestAPI(\"api\", {\n routes: [\n {\n path: \"/api\",\n eventHandler: async (event: APIGatewayProxyEvent, context: Context) =\u003e {\n return {\n statusCode: 200,\n body: JSON.stringify({\n eventPath: event.path,\n functionName: context.functionName,\n })\n };\n },\n },\n ],\n});\n\nexport const url = api.url;\n```\n{{% /example %}}\n{{% /examples %}}\n", + "properties": { + "architectures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Instruction set architecture for your Lambda function. Valid values are `[\"x86_64\"]` and `[\"arm64\"]`. Default is `[\"x86_64\"]`. Removing this attribute, function's architecture stay the same.\n" + }, + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) identifying your Lambda Function.\n" + }, + "code": { + "$ref": "pulumi.json#/Archive", + "description": "Path to the function's deployment package within the local filesystem. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" + }, + "codeSha256": { + "type": "string", + "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" + }, + "codeSigningConfigArn": { + "type": "string", + "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n" + }, + "deadLetterConfig": { + "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", + "description": "Configuration block. Detailed below.\n" + }, + "description": { + "type": "string", + "description": "Description of what your Lambda Function does.\n" + }, + "environment": { + "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", + "description": "Configuration block. Detailed below.\n" + }, + "ephemeralStorage": { + "$ref": "#/types/aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage", + "description": "The amount of Ephemeral storage(`/tmp`) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of `512`MB. Detailed below.\n" + }, + "fileSystemConfig": { + "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", + "description": "Configuration block. Detailed below.\n" + }, + "handler": { + "type": "string", + "description": "Function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" + }, + "imageConfig": { + "$ref": "#/types/aws:lambda/FunctionImageConfig:FunctionImageConfig", + "description": "Configuration block. Detailed below.\n" + }, + "imageUri": { + "type": "string", + "description": "ECR image URI containing the function's deployment package. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" + }, + "invokeArn": { + "type": "string", + "description": "ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" + }, + "kmsKeyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" + }, + "lastModified": { + "type": "string", + "description": "Date this resource was last modified.\n" + }, + "layers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" + }, + "loggingConfig": { + "$ref": "#/types/aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig", + "description": "Configuration block used to specify advanced logging settings. Detailed below.\n" + }, + "memorySize": { + "type": "integer", + "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" + }, + "name": { + "type": "string", + "description": "Unique name for your Lambda Function.\n" + }, + "packageType": { + "type": "string", + "description": "Lambda deployment package type. Valid values are `Zip` and `Image`. Defaults to `Zip`.\n" + }, + "publish": { + "type": "boolean", + "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" + }, + "qualifiedArn": { + "type": "string", + "description": "ARN identifying your Lambda Function Version (if versioning is enabled via `publish = true`).\n" + }, + "qualifiedInvokeArn": { + "type": "string", + "description": "Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" + }, + "replaceSecurityGroupsOnDestroy": { + "type": "boolean", + "description": "Whether to replace the security groups on the function's VPC configuration prior to destruction.\nRemoving these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.\nBy default, the security groups will be replaced with the `default` security group in the function's configured VPC.\nSet the `replacement_security_group_ids` attribute to use a custom list of security groups for replacement.\n" + }, + "replacementSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of security group IDs to assign to the function's VPC configuration prior to destruction.\n`replace_security_groups_on_destroy` must be set to `true` to use this attribute.\n" + }, + "reservedConcurrentExecutions": { + "type": "integer", + "description": "Amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" + }, + "role": { + "type": "string", + "$ref": "#/types/aws:index/aRN:ARN", + "description": "Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.\n\nThe following arguments are optional:\n" + }, + "roleInstance": { + "type": "string", + "description": "The IAM role assigned to this Lambda function. Will be undefined if an ARN was provided for the role input property." + }, + "runtime": { + "type": "string", + "description": "Identifier of the function's runtime. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" + }, + "s3Bucket": { + "type": "string", + "description": "S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified. When `s3_bucket` is set, `s3_key` is required.\n" + }, + "s3Key": { + "type": "string", + "description": "S3 key of an object containing the function's deployment package. When `s3_bucket` is set, `s3_key` is required.\n" + }, + "s3ObjectVersion": { + "type": "string", + "description": "Object version containing the function's deployment package. Conflicts with `filename` and `image_uri`.\n" + }, + "signingJobArn": { + "type": "string", + "description": "ARN of the signing job.\n" + }, + "signingProfileVersionArn": { + "type": "string", + "description": "ARN of the signing profile version.\n" + }, + "skipDestroy": { + "type": "boolean", + "description": "Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.\n" + }, + "snapStart": { + "$ref": "#/types/aws:lambda/FunctionSnapStart:FunctionSnapStart", + "description": "Snap start settings block. Detailed below.\n" + }, + "sourceCodeHash": { + "type": "string" + }, + "sourceCodeSize": { + "type": "integer", + "description": "Size in bytes of the function .zip file.\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" + }, + "tagsAll": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", + "deprecationMessage": "Please use `tags` instead." + }, + "timeout": { + "type": "integer", + "description": "Amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html).\n" + }, + "tracingConfig": { + "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig", + "description": "Configuration block. Detailed below.\n" + }, + "version": { + "type": "string", + "description": "Latest published version of your Lambda Function.\n" + }, + "vpcConfig": { + "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", + "description": "Configuration block. Detailed below.\n" + } + }, + "type": "object", + "isOverlay": true, + "overlaySupportedLanguages": [ + "nodejs" + ], + "inputProperties": { + "architectures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Instruction set architecture for your Lambda function. Valid values are `[\"x86_64\"]` and `[\"arm64\"]`. Default is `[\"x86_64\"]`. Removing this attribute, function's architecture stay the same.\n" + }, + "callback": { + "$ref": "pulumi.json#/Any", + "description": "The Javascript function to use as the entrypoint for the AWS Lambda out of. Either callback or callbackFactory must be provided." + }, + "callbackFactory": { + "$ref": "pulumi.json#/Any", + "description": "The Javascript function that will be called to produce the callback function that is the entrypoint for the AWS Lambda. Either callback or callbackFactory must be provided." + }, + "codePathOptions": { + "$ref": "#/types/aws:lambda/CodePathOptions:CodePathOptions", + "description": "Options to control which paths/packages should be included or excluded in the zip file containing the code for the AWS lambda." + }, + "codeSigningConfigArn": { + "type": "string", + "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n" + }, + "deadLetterConfig": { + "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", + "description": "Configuration block. Detailed below.\n" + }, + "description": { + "type": "string", + "description": "Description of what your Lambda Function does.\n" + }, + "environment": { + "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", + "description": "Configuration block. Detailed below.\n" + }, + "ephemeralStorage": { + "$ref": "#/types/aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage", + "description": "The amount of Ephemeral storage(`/tmp`) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of `512`MB. Detailed below.\n" + }, + "fileSystemConfig": { + "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", + "description": "Configuration block. Detailed below.\n" + }, + "imageConfig": { + "$ref": "#/types/aws:lambda/FunctionImageConfig:FunctionImageConfig", + "description": "Configuration block. Detailed below.\n" + }, + "imageUri": { + "type": "string", + "description": "ECR image URI containing the function's deployment package. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" + }, + "kmsKeyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" + }, + "layers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" + }, + "loggingConfig": { + "$ref": "#/types/aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig", + "description": "Configuration block used to specify advanced logging settings. Detailed below.\n" + }, + "memorySize": { + "type": "integer", + "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" + }, + "name": { + "type": "string", + "description": "Unique name for your Lambda Function.\n", + "willReplaceOnChanges": true + }, + "packageType": { + "type": "string", + "description": "Lambda deployment package type. Valid values are `Zip` and `Image`. Defaults to `Zip`.\n", + "willReplaceOnChanges": true + }, + "policies": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string", + "$ref": "#/types/aws:index/aRN:ARN" + } + }, + { + "type": "array", + "items": { + "type": "string", + "$ref": "#/types/aws:index/aRN:ARN" + } + } + ], + "description": "A list of IAM policy ARNs to attach to the Function. Only one of `role` or `policies` can be provided. If neither is provided, the default policies will be used instead." + }, + "publish": { + "type": "boolean", + "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" + }, + "replaceSecurityGroupsOnDestroy": { + "type": "boolean", + "description": "Whether to replace the security groups on the function's VPC configuration prior to destruction.\nRemoving these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.\nBy default, the security groups will be replaced with the `default` security group in the function's configured VPC.\nSet the `replacement_security_group_ids` attribute to use a custom list of security groups for replacement.\n" + }, + "replacementSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of security group IDs to assign to the function's VPC configuration prior to destruction.\n`replace_security_groups_on_destroy` must be set to `true` to use this attribute.\n" + }, + "reservedConcurrentExecutions": { + "type": "integer", + "description": "Amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" + }, + "role": { + "oneOf": [ + { + "$ref": "#/types/aws:iam/Role:Role" + }, + { + "type": "string", + "$ref": "#/types/aws:index/aRN:ARN" + } + ], + "description": "The execution role for the Lambda Function. The role provides the function's identity and access to AWS services and resources. Only one of `role` or `policies` can be provided. If neither is provided, the default policies will be used instead." + }, + "runtime": { + "$ref": "#/types/aws:lambda/Runtime:Runtime", + "description": "The Lambda runtime to use. If not provided, will default to `NodeJS20dX`." + }, + "s3Bucket": { + "type": "string", + "description": "S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified. When `s3_bucket` is set, `s3_key` is required.\n" + }, + "s3Key": { + "type": "string", + "description": "S3 key of an object containing the function's deployment package. When `s3_bucket` is set, `s3_key` is required.\n" + }, + "s3ObjectVersion": { + "type": "string", + "description": "Object version containing the function's deployment package. Conflicts with `filename` and `image_uri`.\n" + }, + "skipDestroy": { + "type": "boolean", + "description": "Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.\n" + }, + "snapStart": { + "$ref": "#/types/aws:lambda/FunctionSnapStart:FunctionSnapStart", + "description": "Snap start settings block. Detailed below.\n" + }, + "sourceCodeHash": { + "type": "string" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" + }, + "timeout": { + "type": "integer", + "description": "Amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html).\n" + }, + "tracingConfig": { + "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig", + "description": "Configuration block. Detailed below.\n" + }, + "vpcConfig": { + "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", + "description": "Configuration block. Detailed below.\n" + } + } + }, "aws:lambda/codeSigningConfig:CodeSigningConfig": { "description": "Provides a Lambda Code Signing Config resource. A code signing configuration defines a list of allowed signing profiles and defines the code-signing validation policy (action to be taken if deployment validation checks fail).\n\nFor information about Lambda code signing configurations and how to use them, see [configuring code signing for Lambda functions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst newCsc = new aws.lambda.CodeSigningConfig(\"new_csc\", {\n allowedPublishers: {\n signingProfileVersionArns: [\n example1.arn,\n example2.arn,\n ],\n },\n policies: {\n untrustedArtifactOnDeployment: \"Warn\",\n },\n description: \"My awesome code signing config.\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnew_csc = aws.lambda_.CodeSigningConfig(\"new_csc\",\n allowed_publishers={\n \"signing_profile_version_arns\": [\n example1[\"arn\"],\n example2[\"arn\"],\n ],\n },\n policies={\n \"untrusted_artifact_on_deployment\": \"Warn\",\n },\n description=\"My awesome code signing config.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var newCsc = new Aws.Lambda.CodeSigningConfig(\"new_csc\", new()\n {\n AllowedPublishers = new Aws.Lambda.Inputs.CodeSigningConfigAllowedPublishersArgs\n {\n SigningProfileVersionArns = new[]\n {\n example1.Arn,\n example2.Arn,\n },\n },\n Policies = new Aws.Lambda.Inputs.CodeSigningConfigPoliciesArgs\n {\n UntrustedArtifactOnDeployment = \"Warn\",\n },\n Description = \"My awesome code signing config.\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewCodeSigningConfig(ctx, \"new_csc\", \u0026lambda.CodeSigningConfigArgs{\n\t\t\tAllowedPublishers: \u0026lambda.CodeSigningConfigAllowedPublishersArgs{\n\t\t\t\tSigningProfileVersionArns: pulumi.StringArray{\n\t\t\t\t\texample1.Arn,\n\t\t\t\t\texample2.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tPolicies: \u0026lambda.CodeSigningConfigPoliciesArgs{\n\t\t\t\tUntrustedArtifactOnDeployment: pulumi.String(\"Warn\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My awesome code signing config.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.CodeSigningConfig;\nimport com.pulumi.aws.lambda.CodeSigningConfigArgs;\nimport com.pulumi.aws.lambda.inputs.CodeSigningConfigAllowedPublishersArgs;\nimport com.pulumi.aws.lambda.inputs.CodeSigningConfigPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var newCsc = new CodeSigningConfig(\"newCsc\", CodeSigningConfigArgs.builder()\n .allowedPublishers(CodeSigningConfigAllowedPublishersArgs.builder()\n .signingProfileVersionArns( \n example1.arn(),\n example2.arn())\n .build())\n .policies(CodeSigningConfigPoliciesArgs.builder()\n .untrustedArtifactOnDeployment(\"Warn\")\n .build())\n .description(\"My awesome code signing config.\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n newCsc:\n type: aws:lambda:CodeSigningConfig\n name: new_csc\n properties:\n allowedPublishers:\n signingProfileVersionArns:\n - ${example1.arn}\n - ${example2.arn}\n policies:\n untrustedArtifactOnDeployment: Warn\n description: My awesome code signing config.\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Code Signing Configs using their ARN. For example:\n\n```sh\n$ pulumi import aws:lambda/codeSigningConfig:CodeSigningConfig imported_csc arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-0f6c334abcdea4d8b\n```\n", "properties": { diff --git a/provider/overlays.go b/provider/overlays.go new file mode 100644 index 00000000000..2741f883cbb --- /dev/null +++ b/provider/overlays.go @@ -0,0 +1,191 @@ +// Copyright 2016-2024, Pulumi Corporation. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package provider + +import ( + _ "embed" // Needed to support go:embed directive + "fmt" + "maps" + + "github.com/pulumi/pulumi/pkg/v3/codegen/schema" + "github.com/pulumi/pulumi/sdk/v3/go/common/util/contract" +) + +const ( + callbackFunctionTok = "aws:lambda/callbackFunction:CallbackFunction" + codePathOptionsTok = "aws:lambda/CodePathOptions:CodePathOptions" +) + +var arnToken = fmt.Sprintf("#/types/%s", awsTypeDefaultFile(awsMod, "ARN")) + +// resourceOverlays augment the resources defined by the upstream AWS provider +var resourceOverlays = map[string]schema.ResourceSpec{} + +// typeOverlays augment the types defined by the upstream AWS provider +var typeOverlays = map[string]schema.ComplexTypeSpec{} + +//go:embed pkg/overlays/examples/callbackFunction.md +var callbackFunctionMD string + +// The CallbackFunction resource is an overlay based on the AWS Lambda Function resource. Properties are copied from the lambda/Function resource and additional properties/overrides are added here. +var callbackFunction = schema.ResourceSpec{ + ObjectTypeSpec: schema.ObjectTypeSpec{ + IsOverlay: true, + OverlaySupportedLanguages: []string{"nodejs"}, + Description: callbackFunctionMD, + Properties: map[string]schema.PropertySpec{ + "roleInstance": { + TypeSpec: schema.TypeSpec{ + Type: "string", + }, + Description: "The IAM role assigned to this Lambda function. Will be undefined if an ARN was provided for the role input property.", + }, + }, + Type: "object", + }, + InputProperties: map[string]schema.PropertySpec{ + "role": { + TypeSpec: schema.TypeSpec{ + OneOf: []schema.TypeSpec{ + { + Ref: "#/types/aws:iam/Role:Role", + }, + { + Type: "string", + Ref: arnToken, + }, + }, + }, + Description: "The execution role for the Lambda Function. The role provides the function's identity and access to AWS services and resources. Only one of `role` or `policies` can be provided. If neither is provided, the default policies will be used instead.", + }, + "policies": { + TypeSpec: schema.TypeSpec{ + OneOf: []schema.TypeSpec{ + { + Type: "object", + AdditionalProperties: &schema.TypeSpec{ + Type: "string", + Ref: arnToken, + }, + }, + { + Type: "array", + Items: &schema.TypeSpec{ + Type: "string", + Ref: arnToken, + }, + }, + }, + }, + Description: "A list of IAM policy ARNs to attach to the Function. Only one of `role` or `policies` can be provided. If neither is provided, the default policies will be used instead.", + }, + "runtime": { + TypeSpec: schema.TypeSpec{ + Ref: "#/types/aws:lambda/Runtime:Runtime", + }, + Description: "The Lambda runtime to use. If not provided, will default to `NodeJS20dX`.", + }, + "codePathOptions": { + TypeSpec: schema.TypeSpec{ + Ref: "#/types/" + codePathOptionsTok, + }, + Description: "Options to control which paths/packages should be included or excluded in the zip file containing the code for the AWS lambda.", + }, + "callback": { + TypeSpec: schema.TypeSpec{ + Ref: "pulumi.json#/Any", + }, + Description: "The Javascript function to use as the entrypoint for the AWS Lambda out of. Either callback or callbackFactory must be provided.", + }, + "callbackFactory": { + TypeSpec: schema.TypeSpec{ + Ref: "pulumi.json#/Any", + }, + Description: "The Javascript function that will be called to produce the callback function that is the entrypoint for the AWS Lambda. Either callback or callbackFactory must be provided.", + }, + }, +} + +var codePathOptions = schema.ComplexTypeSpec{ + ObjectTypeSpec: schema.ObjectTypeSpec{ + IsOverlay: true, + Description: "Options to control which paths/packages should be included or excluded in the zip file containing the code for the AWS lambda.", + Properties: map[string]schema.PropertySpec{ + "extraIncludePaths": { + TypeSpec: schema.TypeSpec{ + Type: "array", + Items: &schema.TypeSpec{ + Type: "string", + }, + }, + Description: "Local file/directory paths that should be included when producing the Assets for a serialized closure.", + }, + "extraIncludePackages": { + TypeSpec: schema.TypeSpec{ + Type: "array", + Items: &schema.TypeSpec{ + Type: "string", + }, + }, + Description: "Extra packages to include when producing the Assets for a serialized closure. This can be useful if the packages are acquired in a way that the serialization code does not understand. For example, if there was some sort of module that was pulled in based off of a computed string.", + }, + "extraExcludePackages": { + TypeSpec: schema.TypeSpec{ + Type: "array", + Items: &schema.TypeSpec{ + Type: "string", + }, + }, + Description: "Packages to explicitly exclude from the Assets for a serialized closure. This can be used when clients want to trim down the size of a closure, and they know that some package won't ever actually be needed at runtime, but is still a dependency of some package that is being used at runtime.", + }, + }, + Type: "object", + }, +} + +// postProcessCallbackFunction post-processes the CallbackFunction resource of the given PackageSpec. +// It updates the ResourceSpec of the CallbackFunction by copying input properties and properties from lambda/Function. +// Props defined in the CallbackFunction resource will take precedence over props defined in the Function resource. +// Additionally it removes the "code" and "handler" input properties because those do not exist for CallbackFunctions. +func postProcessCallbackFunction(spec *schema.PackageSpec) { + lambdaSpec, ok := spec.Resources["aws:lambda/function:Function"] + contract.Assertf(ok, "could not find lambda:Function") + + callbackFunctionSpec, ok := spec.Resources[callbackFunctionTok] + contract.Assertf(ok, "could not find lambda/callbackFunction") + + inputProps := maps.Clone(lambdaSpec.InputProperties) + delete(inputProps, "code") + delete(inputProps, "handler") + maps.Copy(inputProps, callbackFunctionSpec.InputProperties) + callbackFunctionSpec.InputProperties = inputProps + + props := maps.Clone(lambdaSpec.Properties) + maps.Copy(props, callbackFunctionSpec.Properties) + callbackFunctionSpec.Properties = props + spec.Resources[callbackFunctionTok] = callbackFunctionSpec +} + +// postProcessOverlays performs post-processing on the given package specification. +// It applies post processing steps to overlays. e.g. copying input properties from another resource +func postProcessOverlays(spec *schema.PackageSpec) { + postProcessCallbackFunction(spec) +} + +func init() { + resourceOverlays[callbackFunctionTok] = callbackFunction + + typeOverlays[codePathOptionsTok] = codePathOptions +} diff --git a/provider/pkg/overlays/examples/callbackFunction.md b/provider/pkg/overlays/examples/callbackFunction.md new file mode 100644 index 00000000000..3ee54320eea --- /dev/null +++ b/provider/pkg/overlays/examples/callbackFunction.md @@ -0,0 +1,259 @@ +A CallbackFunction is a special type of `aws.lambda.Function` that can be created out of an actual JavaScript function instance. The Pulumi compiler and runtime work in tandem to extract your function, package it up along with its dependencies, upload the package to AWS Lambda, and configure the resulting AWS Lambda resources automatically. + +The JavaScript function may capture references to other variables in the surrounding code, including other resources and even imported modules. The Pulumi compiler figures out how to serialize the resulting closure as it uploads and configures the AWS Lambda. This works even if you are composing multiple functions together. + +See [Function Serialization](https://www.pulumi.com/docs/concepts/inputs-outputs/function-serialization/) for additional details on this process. + +### Lambda Function Handler + +You can provide the JavaScript function used for the Lambda Function's Handler either directly by setting the `callback` input property or instead specify the `callbackFactory`, which is a Javascript function that will be called to produce the callback function that is the entrypoint for the AWS Lambda. +Using `callbackFactory` is useful when there is expensive initialization work that should only be executed once. The factory-function will be invoked once when the final AWS Lambda module is loaded. It can run whatever code it needs, and will end by returning the actual function that Lambda will call into each time the Lambda is invoked. + +It is recommended to use an async function, otherwise the Lambda execution will run until the `callback` parameter is called and the event loop is empty. See [Define Lambda function handler in Node.js](https://docs.aws.amazon.com/lambda/latest/dg/nodejs-handler.html) for additional details. + +### Lambda Function Permissions + +If neither `role` nor `policies` is specified, `CallbackFunction` will create an IAM role and automatically use the following managed policies: +- `AWSLambda_FullAccess` +- `CloudWatchFullAccessV2` +- `CloudWatchEventsFullAccess` +- `AmazonS3FullAccess` +- `AmazonDynamoDBFullAccess` +- `AmazonSQSFullAccess` +- `AmazonKinesisFullAccess` +- `AWSCloudFormationReadOnlyAccess` +- `AmazonCognitoPowerUser` +- `AWSXrayWriteOnlyAccess` + +### Customizing Lambda function attributes + +The Lambdas created by `aws.lambda.CallbackFunction` use reasonable defaults for CPU, memory, IAM, logging, and other configuration. +Should you need to customize these settings, the `aws.lambda.CallbackFunction` resource offers all of the underlying AWS Lambda settings. + +For example, to increase the RAM available to your function to 256MB: + +```typescript +import * as aws from "@pulumi/aws"; + +// Create an AWS Lambda function with 256MB RAM +const lambda = new aws.lambda.CallbackFunction("docsHandlerFunc", { + callback: async(event: aws.s3.BucketEvent) => { + // ... + }, + + memorySize: 256 /* MB */, +}); +``` + +### Adding/removing files from a function bundle + +Occasionally you may need to customize the contents of function bundle before uploading it to AWS Lambda --- for example, to remove unneeded Node.js modules or add certain files or folders to the bundle explicitly. The `codePathOptions` property of `CallbackFunction` allows you to do this. + +In this example, a local directory `./config` is added to the function bundle, while an unneeded Node.js module `mime` is removed: + +```typescript +import * as aws from "@pulumi/aws"; +import * as fs from "fs"; + +const lambda = new aws.lambda.CallbackFunction("docsHandlerFunc", { + callback: async(event: aws.s3.BucketEvent) => { + // ... + }, + + codePathOptions: { + + // Add local files or folders to the Lambda function bundle. + extraIncludePaths: [ + "./config", + ], + + // Remove unneeded Node.js packages from the bundle. + extraExcludePackages: [ + "mime", + ], + }, +}); +``` + +### Using Lambda layers {#lambda-layers} + +[Lambda layers](https://docs.aws.amazon.com/lambda/latest/dg/chapter-layers.html) allow you to share code, configuration, and other assets across multiple Lambda functions. At runtime, AWS Lambda extracts these files into the function's filesystem, where you can access their contents as though they belonged to the function bundle itself. + +Layers are managed with the [`aws.lambda.LayerVersion`](/registry/packages/aws/api-docs/lambda/layerversion/) resource, and you can attach them to as many `lambda.Function` or `lambda.CallbackFunction` resources as you need using the function's `layers` property. Here, the preceding program is updated to package the `./config` folder as a Lambda layer instead: + +```typescript +import * as pulumi from "@pulumi/pulumi"; +import * as aws from "@pulumi/aws"; +import * as fs from "fs"; + +// Create a Lambda layer containing some shared configuration. +const configLayer = new aws.lambda.LayerVersion("config-layer", { + layerName: "my-config-layer", + + // Use a Pulumi AssetArchive to zip up the contents of the folder. + code: new pulumi.asset.AssetArchive({ + "config": new pulumi.asset.FileArchive("./config"), + }), +}); + +const lambda = new aws.lambda.CallbackFunction("docsHandlerFunc", { + callback: async(event: aws.s3.BucketEvent) => { + // ... + }, + + // Attach the config layer to the function. + layers: [ + configLayer.arn, + ], +}); +``` + +Notice the path to the file is now `/opt/config/config.json` --- `/opt` being the path at which AWS Lambda extracts the contents of a layer. The configuration layer is now manageable and deployable independently of the Lambda itself, allowing changes to be applied immediately across all functions that use it. + +#### Using layers for Node.js dependencies + +This same approach can be used for sharing Node.js module dependencies. When you package your dependencies [at the proper path](https://docs.aws.amazon.com/lambda/latest/dg/packaging-layers.html) within the layer zip file, (e.g., `nodejs/node_modules`), AWS Lambda will unpack and expose them automatically to the functions that use them at runtime. This approach can be useful in monorepo scenarios such as the example below, which adds a locally built Node.js module as a layer, then references references the module from within the body of a `CallbackFunction`: + +```typescript +import * as pulumi from "@pulumi/pulumi"; +import * as aws from "@pulumi/aws"; + +// Create a layer containing a locally built Node.js module. +const utilsLayer = new aws.lambda.LayerVersion("utils-layer", { + layerName: "utils", + code: new pulumi.asset.AssetArchive({ + + // Store the module under nodejs/node_modules to make it available + // on the Node.js module path. + "nodejs/node_modules/@my-alias/utils": new pulumi.asset.FileArchive("./layers/utils/dist"), + }), +}); + +const lambda = new aws.lambda.CallbackFunction("docsHandlerFunc", { + callback: async (event: aws.s3.BucketEvent) => { + + // Import the module from the layer at runtime. + const { sayHello } = await import("@my-alias/utils"); + + // Call a function from the utils module. + console.log(sayHello()); + }, + + // Attach the utils layer to the function. + layers: [ + utilsLayer.arn, + ], +}); +``` + +Notice the example uses the module name `@my-alias/utils`. To make this work, you'll need to add a few lines to your Pulumi project's `tsconfig.json` file to map your chosen module name to the path of the module's TypeScript source code: + +```javascript +{ + "compilerOptions": { + // ... + "baseUrl": ".", + "paths": { + "@my-alias/utils": [ + "./layers/utils" + ] + } + }, + // ... +} +``` + + +{{% examples %}} +## Example Usage +{{% example %}} +### Basic Lambda Function + +```typescript +import * as aws from "@pulumi/aws"; + +// Create an AWS Lambda function that fetches the Pulumi website and returns the HTTP status +const lambda = new aws.lambda.CallbackFunction("fetcher", { + callback: async(event) => { + try { + const res = await fetch("https://www.pulumi.com/robots.txt"); + console.info("status", res.status); + return res.status; + } + catch (e) { + console.error(e); + return 500; + } + }, +}); +``` +{{% /example %}} + +{{% example %}} +### Lambda Function with expensive initialization work + +```typescript +import * as pulumi from "@pulumi/pulumi"; +import * as aws from "@pulumi/aws"; +import * as express from "express"; +import * as serverlessExpress from "aws-serverless-express"; +import * as middleware from "aws-serverless-express/middleware"; + +const lambda = new aws.lambda.CallbackFunction("mylambda", { + callbackFactory: () => { + const app = express(); + app.use(middleware.eventContext()); + let ctx; + + app.get("/", (req, res) => { + console.log("Invoked url: " + req.url); + + fetch('https://www.pulumi.com/robots.txt').then(resp => { + res.json({ + message: "Hello, world!\n\nSucceeded with " + ctx.getRemainingTimeInMillis() + "ms remaining.", + fetchStatus: resp.status, + fetched: resp.text(), + }); + }); + }); + + const server = serverlessExpress.createServer(app); + return (event, context) => { + console.log("Lambda invoked"); + console.log("Invoked function: " + context.invokedFunctionArn); + console.log("Proxying to express"); + ctx = context; + serverlessExpress.proxy(server, event, context); + } + } +}); +``` +{{% /example %}} + +{{% example %}} +### API Gateway Handler Function +```typescript +import * as apigateway from "@pulumi/aws-apigateway"; +import { APIGatewayProxyEvent, Context } from "aws-lambda"; + +const api = new apigateway.RestAPI("api", { + routes: [ + { + path: "/api", + eventHandler: async (event: APIGatewayProxyEvent, context: Context) => { + return { + statusCode: 200, + body: JSON.stringify({ + eventPath: event.path, + functionName: context.functionName, + }) + }; + }, + }, + ], +}); + +export const url = api.url; +``` +{{% /example %}} +{{% /examples %}} diff --git a/provider/resources.go b/provider/resources.go index 6630f1330f7..bf286f7177b 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -881,6 +881,7 @@ compatibility shim in favor of the new "name" field.`) DeprecationMessage: "This property has been deprecated. Please use 'dbName' instead.", } r.StateInputs.Properties["name"] = r.InputProperties["name"] + postProcessOverlays(spec) }, Config: map[string]*tfbridge.SchemaInfo{ @@ -4341,395 +4342,8 @@ compatibility shim in favor of the new "name" field.`) "aws_vpclattice_listener": {Tok: awsResource(vpclatticeMod, "Listener")}, "aws_vpclattice_listener_rule": {Tok: awsResource(vpclatticeMod, "ListenerRule")}, }, - ExtraTypes: map[string]schema.ComplexTypeSpec{ - "aws:index/Region:Region": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "A Region represents any valid Amazon region that may be targeted with deployments.", - }, - Enum: []schema.EnumValueSpec{ - {Value: "af-south-1", Name: "AFSouth1"}, - {Value: "ap-east-1", Name: "APEast1"}, - {Value: "ap-northeast-1", Name: "APNortheast1"}, - {Value: "ap-northeast-2", Name: "APNortheast2"}, - {Value: "ap-northeast-3", Name: "APNortheast3"}, - {Value: "ap-south-1", Name: "APSouth1"}, - {Value: "ap-south-2", Name: "APSouth2"}, - {Value: "ap-southeast-1", Name: "APSoutheast1"}, - {Value: "ap-southeast-2", Name: "APSoutheast2"}, - {Value: "ap-southeast-3", Name: "APSoutheast3"}, - {Value: "ap-southeast-4", Name: "APSoutheast4"}, - {Value: "ca-central-1", Name: "CACentral"}, - {Value: "ca-west-1", Name: "CAWest1"}, - {Value: "cn-north-1", Name: "CNNorth1"}, - {Value: "cn-northwest-1", Name: "CNNorthwest1"}, - {Value: "eu-central-1", Name: "EUCentral1"}, - {Value: "eu-central-2", Name: "EUCentral2"}, - {Value: "eu-north-1", Name: "EUNorth1"}, - {Value: "eu-south-1", Name: "EUSouth1"}, - {Value: "eu-south-2", Name: "EUSouth2"}, - {Value: "eu-west-1", Name: "EUWest1"}, - {Value: "eu-west-2", Name: "EUWest2"}, - {Value: "eu-west-3", Name: "EUWest3"}, - {Value: "me-central-1", Name: "MECentral1"}, - {Value: "me-south-1", Name: "MESouth1"}, - {Value: "sa-east-1", Name: "SAEast1"}, - {Value: "us-gov-east-1", Name: "USGovEast1"}, - {Value: "us-gov-west-1", Name: "USGovWest1"}, - {Value: "us-east-1", Name: "USEast1"}, - {Value: "us-east-2", Name: "USEast2"}, - {Value: "us-west-1", Name: "USWest1"}, - {Value: "us-west-2", Name: "USWest2"}, - }, - }, - "aws:autoscaling/MetricsGranularity:MetricsGranularity": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", - }, - Enum: []schema.EnumValueSpec{ - {Value: "1Minute", Name: "OneMinute"}, - }, - }, - "aws:autoscaling/Metric:Metric": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", - }, - Enum: []schema.EnumValueSpec{ - {Value: "GroupMinSize"}, - {Value: "GroupMaxSize"}, - {Value: "GroupDesiredCapacity"}, - {Value: "GroupInServiceInstances"}, - {Value: "GroupInServiceCapacity"}, - {Value: "GroupPendingInstances"}, - {Value: "GroupPendingCapacity"}, - {Value: "GroupStandbyInstances"}, - {Value: "GroupStandbyCapacity"}, - {Value: "GroupTerminatingInstances"}, - {Value: "GroupTerminatingCapacity"}, - {Value: "GroupTotalInstances"}, - {Value: "GroupTotalCapacity"}, - {Value: "WarmPoolDesiredCapacity"}, - {Value: "WarmPoolWarmedCapacity"}, - {Value: "WarmPoolPendingCapacity"}, - {Value: "WarmPoolTerminatingCapacity"}, - {Value: "WarmPoolTotalCapacity"}, - {Value: "GroupAndWarmPoolDesiredCapacity"}, - {Value: "GroupAndWarmPoolTotalCapacity"}, - }, - }, - "aws:autoscaling/NotificationType:NotificationType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_NotificationConfiguration.html", - }, - Enum: []schema.EnumValueSpec{ - {Name: "InstanceLaunch", Value: "autoscaling:EC2_INSTANCE_LAUNCH"}, - {Name: "InstanceTerminate", Value: "autoscaling:EC2_INSTANCE_TERMINATE"}, - {Name: "InstanceLaunchError", Value: "autoscaling:EC2_INSTANCE_LAUNCH_ERROR"}, - {Name: "InstanceTerminateError", Value: "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"}, - {Name: "TestNotification", Value: "autoscaling:TEST_NOTIFICATION"}, - }, - }, - "aws:alb/IpAddressType:IpAddressType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Ipv4", Value: "ipv4"}, - {Name: "Dualstack", Value: "dualstack"}, - }, - }, - "aws:alb/LoadBalancerType:LoadBalancerType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Application", Value: "application"}, - {Name: "Network", Value: "network"}, - }, - }, - "aws:applicationloadbalancing/IpAddressType:IpAddressType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Ipv4", Value: "ipv4"}, - {Name: "Dualstack", Value: "dualstack"}, - }, - }, - "aws:applicationloadbalancing/LoadBalancerType:LoadBalancerType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Application", Value: "application"}, - {Name: "Network", Value: "network"}, - }, - }, - "aws:ec2/InstancePlatform:InstancePlatform": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "LinuxUnix", Value: "Linux/UNIX"}, - {Name: "RedHatEnterpriseLinux", Value: "Red Hat Enterprise Linux"}, - {Name: "SuseLinux", Value: "SUSE Linux"}, - {Name: "Windows", Value: "Windows"}, - {Name: "WindowsWithSqlServer", Value: "Windows with SQL Server"}, - {Name: "WindowsWithSqlServerEnterprise", Value: "Windows with SQL Server Enterprise"}, - {Name: "WindowsWithSqlServerStandard", Value: "Windows with SQL Server Standard"}, - {Name: "WindowsWithSqlServerWeb", Value: "Windows with SQL Server Web"}, - }, - }, - "aws:ec2/InstanceType:InstanceType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: instanceTypes(), - }, - "aws:ec2/PlacementStrategy:PlacementStrategy": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "The strategy of the placement group determines how the instances are organized within the group.\nSee https://docs.aws.amazon.com/cli/latest/reference/ec2/create-placement-group.html", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Spread", Value: "spread", Description: "A `spread` placement group places instances on distinct hardware."}, - {Name: "Cluster", Value: "cluster", Description: "A `cluster` placement group is a logical grouping of instances within a single\nAvailability Zone that benefit from low network latency, high network throughput."}, - }, - }, - "aws:ec2/ProtocolType:ProtocolType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "All", Value: "all"}, - {Name: "TCP", Value: "tcp"}, - {Name: "UDP", Value: "udp"}, - {Name: "ICMP", Value: "icmp"}, - }, - }, - "aws:ec2/Tenancy:Tenancy": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Default", Value: "default"}, - {Name: "Dedicated", Value: "dedicated"}, - }, - }, - "aws:iam/ManagedPolicy:ManagedPolicy": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: iamManagedPolicyValues(), - }, - "aws:lambda/Runtime:Runtime": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "See https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html", - }, - Enum: []schema.EnumValueSpec{ - {Value: "dotnet6", Name: "Dotnet6"}, - {Value: "dotnet7", Name: "Dotnet7"}, - {Value: "dotnet8", Name: "Dotnet8"}, - {Value: "java11", Name: "Java11"}, - {Value: "java17", Name: "Java17"}, - {Value: "java21", Name: "Java21"}, - {Value: "java8.al2", Name: "Java8AL2"}, - {Value: "nodejs18.x", Name: "NodeJS18dX"}, - {Value: "nodejs20.x", Name: "NodeJS20dX"}, - {Value: "provided.al2", Name: "CustomAL2"}, - {Value: "provided.al2023", Name: "CustomAL2023"}, - {Value: "python3.10", Name: "Python3d10"}, - {Value: "python3.11", Name: "Python3d11"}, - {Value: "python3.12", Name: "Python3d12"}, - {Value: "python3.8", Name: "Python3d8"}, - {Value: "python3.9", Name: "Python3d9"}, - {Value: "ruby3.2", Name: "Ruby3d2"}, - - deprecateRuntime("dotnet5.0", "Dotnet5d0"), - deprecateRuntime("dotnetcore2.1", "DotnetCore2d1"), - deprecateRuntime("dotnetcore3.1", "DotnetCore3d1"), - deprecateRuntime("go1.x", "Go1dx"), - deprecateRuntime("java8", "Java8"), - deprecateRuntime("nodejs10.x", "NodeJS10dX"), - deprecateRuntime("nodejs12.x", "NodeJS12dX"), - deprecateRuntime("nodejs14.x", "NodeJS14dX"), - deprecateRuntime("nodejs16.x", "NodeJS16dX"), - deprecateRuntime("provided", "Custom"), - deprecateRuntime("python2.7", "Python2d7"), - deprecateRuntime("python3.6", "Python3d6"), - deprecateRuntime("python3.7", "Python3d7"), - deprecateRuntime("ruby2.5", "Ruby2d5"), - deprecateRuntime("ruby2.7", "Ruby2d7"), - }, - }, - "aws:rds/EngineMode:EngineMode": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Provisioned", Value: "provisioned"}, - {Name: "Serverless", Value: "serverless"}, - {Name: "ParallelQuery", Value: "parallelquery"}, - {Name: "Global", Value: "global"}, - }, - }, - "aws:rds/EngineType:EngineType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Aurora", Value: "aurora"}, - {Name: "AuroraMysql", Value: "aurora-mysql"}, - {Name: "AuroraPostgresql", Value: "aurora-postgresql"}, - }, - }, - "aws:rds/InstanceType:InstanceType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "T4G_Micro", Value: "db.t4g.micro"}, - {Name: "T4G_Small", Value: "db.t4g.small"}, - {Name: "T4G_Medium", Value: "db.t4g.medium"}, - {Name: "T4G_Large", Value: "db.t4g.large"}, - {Name: "T4G_XLarge", Value: "db.t4g.xlarge"}, - {Name: "T4G_2XLarge", Value: "db.t4g.2xlarge"}, - {Name: "T3_Micro", Value: "db.t3.micro"}, - {Name: "T3_Small", Value: "db.t3.small"}, - {Name: "T3_Medium", Value: "db.t3.medium"}, - {Name: "T3_Large", Value: "db.t3.large"}, - {Name: "T3_XLarge", Value: "db.t3.xlarge"}, - {Name: "T3_2XLarge", Value: "db.t3.2xlarge"}, - {Name: "T2_Micro", Value: "db.t2.micro"}, - {Name: "T2_Small", Value: "db.t2.small"}, - {Name: "T2_Medium", Value: "db.t2.medium"}, - {Name: "T2_Large", Value: "db.t2.large"}, - {Name: "T2_XLarge", Value: "db.t2.xlarge"}, - {Name: "T2_2XLarge", Value: "db.t2.2xlarge"}, - {Name: "M1_Small", Value: "db.m1.small"}, - {Name: "M1_Medium", Value: "db.m1.medium"}, - {Name: "M1_Large", Value: "db.m1.large"}, - {Name: "M1_XLarge", Value: "db.m1.xlarge"}, - {Name: "M2_XLarge", Value: "db.m2.xlarge"}, - {Name: "M2_2XLarge", Value: "db.m2.2xlarge"}, - {Name: "M2_4XLarge", Value: "db.m2.4xlarge"}, - {Name: "M3_Medium", Value: "db.m3.medium"}, - {Name: "M3_Large", Value: "db.m3.large"}, - {Name: "M3_XLarge", Value: "db.m3.xlarge"}, - {Name: "M3_2XLarge", Value: "db.m3.2xlarge"}, - {Name: "M4_Large", Value: "db.m4.large"}, - {Name: "M4_XLarge", Value: "db.m4.xlarge"}, - {Name: "M4_2XLarge", Value: "db.m4.2xlarge"}, - {Name: "M4_4XLarge", Value: "db.m4.4xlarge"}, - {Name: "M4_10XLarge", Value: "db.m4.10xlarge"}, - {Name: "M4_16XLarge", Value: "db.m4.10xlarge"}, - {Name: "M5_Large", Value: "db.m5.large"}, - {Name: "M5_XLarge", Value: "db.m5.xlarge"}, - {Name: "M5_2XLarge", Value: "db.m5.2xlarge"}, - {Name: "M5_4XLarge", Value: "db.m5.4xlarge"}, - {Name: "M5_12XLarge", Value: "db.m5.12xlarge"}, - {Name: "M5_24XLarge", Value: "db.m5.24xlarge"}, - {Name: "M6G_Large", Value: "db.m6g.large"}, - {Name: "M6G_XLarge", Value: "db.m6g.xlarge"}, - {Name: "M6G_2XLarge", Value: "db.m6g.2xlarge"}, - {Name: "M6G_4XLarge", Value: "db.m6g.4xlarge"}, - {Name: "M6G_8XLarge", Value: "db.m6g.8xlarge"}, - {Name: "M6G_12XLarge", Value: "db.m6g.12xlarge"}, - {Name: "M6G_16XLarge", Value: "db.m6g.16xlarge"}, - {Name: "R3_Large", Value: "db.r3.large"}, - {Name: "R3_XLarge", Value: "db.r3.xlarge"}, - {Name: "R3_2XLarge", Value: "db.r3.2xlarge"}, - {Name: "R3_4XLarge", Value: "db.r3.4xlarge"}, - {Name: "R3_8XLarge", Value: "db.r3.8xlarge"}, - {Name: "R4_Large", Value: "db.r4.large"}, - {Name: "R4_XLarge", Value: "db.r4.xlarge"}, - {Name: "R4_2XLarge", Value: "db.r4.2xlarge"}, - {Name: "R4_4XLarge", Value: "db.r4.4xlarge"}, - {Name: "R4_8XLarge", Value: "db.r4.8xlarge"}, - {Name: "R4_16XLarge", Value: "db.r4.16xlarge"}, - {Name: "R5_Large", Value: "db.r5.large"}, - {Name: "R5_XLarge", Value: "db.r5.xlarge"}, - {Name: "R5_2XLarge", Value: "db.r5.2xlarge"}, - {Name: "R5_4XLarge", Value: "db.r5.4xlarge"}, - {Name: "R5_12XLarge", Value: "db.r5.12xlarge"}, - {Name: "R5_24XLarge", Value: "db.r5.24xlarge"}, - {Name: "R6G_Large", Value: "db.r6g.large"}, - {Name: "R6G_XLarge", Value: "db.r6g.xlarge"}, - {Name: "R6G_2XLarge", Value: "db.r6g.2xlarge"}, - {Name: "R6G_4XLarge", Value: "db.r6g.4xlarge"}, - {Name: "R6G_8XLarge", Value: "db.r6g.8xlarge"}, - {Name: "R6G_12XLarge", Value: "db.r6g.12xlarge"}, - {Name: "R6G_16XLarge", Value: "db.r6g.16xlarge"}, - {Name: "X1_16XLarge", Value: "db.x1.16xlarge"}, - {Name: "X1_32XLarge", Value: "db.x1.32xlarge"}, - {Name: "X1E_XLarge", Value: "db.x1e.xlarge"}, - {Name: "X1E_2XLarge", Value: "db.x1e.2xlarge"}, - {Name: "X1E_4XLarge", Value: "db.x1e.4xlarge"}, - {Name: "X1E_8XLarge", Value: "db.x1e.8xlarge"}, - {Name: "X1E_32XLarge", Value: "db.x1e.32xlarge"}, - }, - }, - "aws:rds/StorageType:StorageType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Standard", Value: "standard"}, - {Name: "GP2", Value: "gp2"}, - {Name: "GP3", Value: "gp3"}, - {Name: "IO1", Value: "io1"}, - }, - }, - "aws:route53/RecordType:RecordType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Value: "A"}, - {Value: "AAAA"}, - {Value: "CNAME"}, - {Value: "CAA"}, - {Value: "MX"}, - {Value: "NAPTR"}, - {Value: "NS"}, - {Value: "PTR"}, - {Value: "SOA"}, - {Value: "SPF"}, - {Value: "SRV"}, - {Value: "TXT"}, - }, - }, - "aws:s3/CannedAcl:CannedAcl": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - Description: "See https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl", - }, - Enum: []schema.EnumValueSpec{ - {Name: "Private", Value: "private"}, - {Name: "PublicRead", Value: "public-read"}, - {Name: "PublicReadWrite", Value: "public-read-write"}, - {Name: "AwsExecRead", Value: "aws-exec-read"}, - {Name: "AuthenticatedRead", Value: "authenticated-read"}, - {Name: "BucketOwnerRead", Value: "bucket-owner-read"}, - {Name: "BucketOwnerFullControl", Value: "bucket-owner-full-control"}, - {Name: "LogDeliveryWrite", Value: "log-delivery-write"}, - }, - }, - "aws:ssm/ParameterType:ParameterType": { - ObjectTypeSpec: schema.ObjectTypeSpec{ - Type: "string", - }, - Enum: []schema.EnumValueSpec{ - {Value: "String"}, - {Value: "StringList"}, - {Value: "SecureString"}, - }, - }, - }, + ExtraResources: resourceOverlays, + ExtraTypes: extraTypes, DataSources: map[string]*tfbridge.DataSourceInfo{ "aws_auditmanager_control": { Tok: awsDataSource(auditmanagerMod, "getControl"), diff --git a/provider/types.go b/provider/types.go new file mode 100644 index 00000000000..fbb13c64eb9 --- /dev/null +++ b/provider/types.go @@ -0,0 +1,416 @@ +// Copyright 2016-2024, Pulumi Corporation. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package provider + +import ( + "maps" + + "github.com/pulumi/pulumi/pkg/v3/codegen/schema" +) + +// extraTypes augment the types defined by the upstream AWS provider +var extraTypes = map[string]schema.ComplexTypeSpec{ + "aws:index/Region:Region": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "A Region represents any valid Amazon region that may be targeted with deployments.", + }, + Enum: []schema.EnumValueSpec{ + {Value: "af-south-1", Name: "AFSouth1"}, + {Value: "ap-east-1", Name: "APEast1"}, + {Value: "ap-northeast-1", Name: "APNortheast1"}, + {Value: "ap-northeast-2", Name: "APNortheast2"}, + {Value: "ap-northeast-3", Name: "APNortheast3"}, + {Value: "ap-south-1", Name: "APSouth1"}, + {Value: "ap-south-2", Name: "APSouth2"}, + {Value: "ap-southeast-1", Name: "APSoutheast1"}, + {Value: "ap-southeast-2", Name: "APSoutheast2"}, + {Value: "ap-southeast-3", Name: "APSoutheast3"}, + {Value: "ap-southeast-4", Name: "APSoutheast4"}, + {Value: "ca-central-1", Name: "CACentral"}, + {Value: "ca-west-1", Name: "CAWest1"}, + {Value: "cn-north-1", Name: "CNNorth1"}, + {Value: "cn-northwest-1", Name: "CNNorthwest1"}, + {Value: "eu-central-1", Name: "EUCentral1"}, + {Value: "eu-central-2", Name: "EUCentral2"}, + {Value: "eu-north-1", Name: "EUNorth1"}, + {Value: "eu-south-1", Name: "EUSouth1"}, + {Value: "eu-south-2", Name: "EUSouth2"}, + {Value: "eu-west-1", Name: "EUWest1"}, + {Value: "eu-west-2", Name: "EUWest2"}, + {Value: "eu-west-3", Name: "EUWest3"}, + {Value: "me-central-1", Name: "MECentral1"}, + {Value: "me-south-1", Name: "MESouth1"}, + {Value: "sa-east-1", Name: "SAEast1"}, + {Value: "us-gov-east-1", Name: "USGovEast1"}, + {Value: "us-gov-west-1", Name: "USGovWest1"}, + {Value: "us-east-1", Name: "USEast1"}, + {Value: "us-east-2", Name: "USEast2"}, + {Value: "us-west-1", Name: "USWest1"}, + {Value: "us-west-2", Name: "USWest2"}, + }, + }, + "aws:autoscaling/MetricsGranularity:MetricsGranularity": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", + }, + Enum: []schema.EnumValueSpec{ + {Value: "1Minute", Name: "OneMinute"}, + }, + }, + "aws:autoscaling/Metric:Metric": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", + }, + Enum: []schema.EnumValueSpec{ + {Value: "GroupMinSize"}, + {Value: "GroupMaxSize"}, + {Value: "GroupDesiredCapacity"}, + {Value: "GroupInServiceInstances"}, + {Value: "GroupInServiceCapacity"}, + {Value: "GroupPendingInstances"}, + {Value: "GroupPendingCapacity"}, + {Value: "GroupStandbyInstances"}, + {Value: "GroupStandbyCapacity"}, + {Value: "GroupTerminatingInstances"}, + {Value: "GroupTerminatingCapacity"}, + {Value: "GroupTotalInstances"}, + {Value: "GroupTotalCapacity"}, + {Value: "WarmPoolDesiredCapacity"}, + {Value: "WarmPoolWarmedCapacity"}, + {Value: "WarmPoolPendingCapacity"}, + {Value: "WarmPoolTerminatingCapacity"}, + {Value: "WarmPoolTotalCapacity"}, + {Value: "GroupAndWarmPoolDesiredCapacity"}, + {Value: "GroupAndWarmPoolTotalCapacity"}, + }, + }, + "aws:autoscaling/NotificationType:NotificationType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_NotificationConfiguration.html", + }, + Enum: []schema.EnumValueSpec{ + {Name: "InstanceLaunch", Value: "autoscaling:EC2_INSTANCE_LAUNCH"}, + {Name: "InstanceTerminate", Value: "autoscaling:EC2_INSTANCE_TERMINATE"}, + {Name: "InstanceLaunchError", Value: "autoscaling:EC2_INSTANCE_LAUNCH_ERROR"}, + {Name: "InstanceTerminateError", Value: "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"}, + {Name: "TestNotification", Value: "autoscaling:TEST_NOTIFICATION"}, + }, + }, + "aws:alb/IpAddressType:IpAddressType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Ipv4", Value: "ipv4"}, + {Name: "Dualstack", Value: "dualstack"}, + }, + }, + "aws:alb/LoadBalancerType:LoadBalancerType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Application", Value: "application"}, + {Name: "Network", Value: "network"}, + }, + }, + "aws:applicationloadbalancing/IpAddressType:IpAddressType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Ipv4", Value: "ipv4"}, + {Name: "Dualstack", Value: "dualstack"}, + }, + }, + "aws:applicationloadbalancing/LoadBalancerType:LoadBalancerType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Application", Value: "application"}, + {Name: "Network", Value: "network"}, + }, + }, + "aws:ec2/InstancePlatform:InstancePlatform": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "LinuxUnix", Value: "Linux/UNIX"}, + {Name: "RedHatEnterpriseLinux", Value: "Red Hat Enterprise Linux"}, + {Name: "SuseLinux", Value: "SUSE Linux"}, + {Name: "Windows", Value: "Windows"}, + {Name: "WindowsWithSqlServer", Value: "Windows with SQL Server"}, + {Name: "WindowsWithSqlServerEnterprise", Value: "Windows with SQL Server Enterprise"}, + {Name: "WindowsWithSqlServerStandard", Value: "Windows with SQL Server Standard"}, + {Name: "WindowsWithSqlServerWeb", Value: "Windows with SQL Server Web"}, + }, + }, + "aws:ec2/InstanceType:InstanceType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: instanceTypes(), + }, + "aws:ec2/PlacementStrategy:PlacementStrategy": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "The strategy of the placement group determines how the instances are organized within the group.\nSee https://docs.aws.amazon.com/cli/latest/reference/ec2/create-placement-group.html", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Spread", Value: "spread", Description: "A `spread` placement group places instances on distinct hardware."}, + {Name: "Cluster", Value: "cluster", Description: "A `cluster` placement group is a logical grouping of instances within a single\nAvailability Zone that benefit from low network latency, high network throughput."}, + }, + }, + "aws:ec2/ProtocolType:ProtocolType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "All", Value: "all"}, + {Name: "TCP", Value: "tcp"}, + {Name: "UDP", Value: "udp"}, + {Name: "ICMP", Value: "icmp"}, + }, + }, + "aws:ec2/Tenancy:Tenancy": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Default", Value: "default"}, + {Name: "Dedicated", Value: "dedicated"}, + }, + }, + "aws:iam/ManagedPolicy:ManagedPolicy": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: iamManagedPolicyValues(), + }, + "aws:lambda/Runtime:Runtime": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "See https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html", + }, + Enum: []schema.EnumValueSpec{ + {Value: "dotnet6", Name: "Dotnet6"}, + {Value: "dotnet7", Name: "Dotnet7"}, + {Value: "dotnet8", Name: "Dotnet8"}, + {Value: "java11", Name: "Java11"}, + {Value: "java17", Name: "Java17"}, + {Value: "java21", Name: "Java21"}, + {Value: "java8.al2", Name: "Java8AL2"}, + {Value: "nodejs18.x", Name: "NodeJS18dX"}, + {Value: "nodejs20.x", Name: "NodeJS20dX"}, + {Value: "provided.al2", Name: "CustomAL2"}, + {Value: "provided.al2023", Name: "CustomAL2023"}, + {Value: "python3.10", Name: "Python3d10"}, + {Value: "python3.11", Name: "Python3d11"}, + {Value: "python3.12", Name: "Python3d12"}, + {Value: "python3.8", Name: "Python3d8"}, + {Value: "python3.9", Name: "Python3d9"}, + {Value: "ruby3.2", Name: "Ruby3d2"}, + + deprecateRuntime("dotnet5.0", "Dotnet5d0"), + deprecateRuntime("dotnetcore2.1", "DotnetCore2d1"), + deprecateRuntime("dotnetcore3.1", "DotnetCore3d1"), + deprecateRuntime("go1.x", "Go1dx"), + deprecateRuntime("java8", "Java8"), + deprecateRuntime("nodejs10.x", "NodeJS10dX"), + deprecateRuntime("nodejs12.x", "NodeJS12dX"), + deprecateRuntime("nodejs14.x", "NodeJS14dX"), + deprecateRuntime("nodejs16.x", "NodeJS16dX"), + deprecateRuntime("provided", "Custom"), + deprecateRuntime("python2.7", "Python2d7"), + deprecateRuntime("python3.6", "Python3d6"), + deprecateRuntime("python3.7", "Python3d7"), + deprecateRuntime("ruby2.5", "Ruby2d5"), + deprecateRuntime("ruby2.7", "Ruby2d7"), + }, + }, + "aws:rds/EngineMode:EngineMode": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Provisioned", Value: "provisioned"}, + {Name: "Serverless", Value: "serverless"}, + {Name: "ParallelQuery", Value: "parallelquery"}, + {Name: "Global", Value: "global"}, + }, + }, + "aws:rds/EngineType:EngineType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Aurora", Value: "aurora"}, + {Name: "AuroraMysql", Value: "aurora-mysql"}, + {Name: "AuroraPostgresql", Value: "aurora-postgresql"}, + }, + }, + "aws:rds/InstanceType:InstanceType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "T4G_Micro", Value: "db.t4g.micro"}, + {Name: "T4G_Small", Value: "db.t4g.small"}, + {Name: "T4G_Medium", Value: "db.t4g.medium"}, + {Name: "T4G_Large", Value: "db.t4g.large"}, + {Name: "T4G_XLarge", Value: "db.t4g.xlarge"}, + {Name: "T4G_2XLarge", Value: "db.t4g.2xlarge"}, + {Name: "T3_Micro", Value: "db.t3.micro"}, + {Name: "T3_Small", Value: "db.t3.small"}, + {Name: "T3_Medium", Value: "db.t3.medium"}, + {Name: "T3_Large", Value: "db.t3.large"}, + {Name: "T3_XLarge", Value: "db.t3.xlarge"}, + {Name: "T3_2XLarge", Value: "db.t3.2xlarge"}, + {Name: "T2_Micro", Value: "db.t2.micro"}, + {Name: "T2_Small", Value: "db.t2.small"}, + {Name: "T2_Medium", Value: "db.t2.medium"}, + {Name: "T2_Large", Value: "db.t2.large"}, + {Name: "T2_XLarge", Value: "db.t2.xlarge"}, + {Name: "T2_2XLarge", Value: "db.t2.2xlarge"}, + {Name: "M1_Small", Value: "db.m1.small"}, + {Name: "M1_Medium", Value: "db.m1.medium"}, + {Name: "M1_Large", Value: "db.m1.large"}, + {Name: "M1_XLarge", Value: "db.m1.xlarge"}, + {Name: "M2_XLarge", Value: "db.m2.xlarge"}, + {Name: "M2_2XLarge", Value: "db.m2.2xlarge"}, + {Name: "M2_4XLarge", Value: "db.m2.4xlarge"}, + {Name: "M3_Medium", Value: "db.m3.medium"}, + {Name: "M3_Large", Value: "db.m3.large"}, + {Name: "M3_XLarge", Value: "db.m3.xlarge"}, + {Name: "M3_2XLarge", Value: "db.m3.2xlarge"}, + {Name: "M4_Large", Value: "db.m4.large"}, + {Name: "M4_XLarge", Value: "db.m4.xlarge"}, + {Name: "M4_2XLarge", Value: "db.m4.2xlarge"}, + {Name: "M4_4XLarge", Value: "db.m4.4xlarge"}, + {Name: "M4_10XLarge", Value: "db.m4.10xlarge"}, + {Name: "M4_16XLarge", Value: "db.m4.10xlarge"}, + {Name: "M5_Large", Value: "db.m5.large"}, + {Name: "M5_XLarge", Value: "db.m5.xlarge"}, + {Name: "M5_2XLarge", Value: "db.m5.2xlarge"}, + {Name: "M5_4XLarge", Value: "db.m5.4xlarge"}, + {Name: "M5_12XLarge", Value: "db.m5.12xlarge"}, + {Name: "M5_24XLarge", Value: "db.m5.24xlarge"}, + {Name: "M6G_Large", Value: "db.m6g.large"}, + {Name: "M6G_XLarge", Value: "db.m6g.xlarge"}, + {Name: "M6G_2XLarge", Value: "db.m6g.2xlarge"}, + {Name: "M6G_4XLarge", Value: "db.m6g.4xlarge"}, + {Name: "M6G_8XLarge", Value: "db.m6g.8xlarge"}, + {Name: "M6G_12XLarge", Value: "db.m6g.12xlarge"}, + {Name: "M6G_16XLarge", Value: "db.m6g.16xlarge"}, + {Name: "R3_Large", Value: "db.r3.large"}, + {Name: "R3_XLarge", Value: "db.r3.xlarge"}, + {Name: "R3_2XLarge", Value: "db.r3.2xlarge"}, + {Name: "R3_4XLarge", Value: "db.r3.4xlarge"}, + {Name: "R3_8XLarge", Value: "db.r3.8xlarge"}, + {Name: "R4_Large", Value: "db.r4.large"}, + {Name: "R4_XLarge", Value: "db.r4.xlarge"}, + {Name: "R4_2XLarge", Value: "db.r4.2xlarge"}, + {Name: "R4_4XLarge", Value: "db.r4.4xlarge"}, + {Name: "R4_8XLarge", Value: "db.r4.8xlarge"}, + {Name: "R4_16XLarge", Value: "db.r4.16xlarge"}, + {Name: "R5_Large", Value: "db.r5.large"}, + {Name: "R5_XLarge", Value: "db.r5.xlarge"}, + {Name: "R5_2XLarge", Value: "db.r5.2xlarge"}, + {Name: "R5_4XLarge", Value: "db.r5.4xlarge"}, + {Name: "R5_12XLarge", Value: "db.r5.12xlarge"}, + {Name: "R5_24XLarge", Value: "db.r5.24xlarge"}, + {Name: "R6G_Large", Value: "db.r6g.large"}, + {Name: "R6G_XLarge", Value: "db.r6g.xlarge"}, + {Name: "R6G_2XLarge", Value: "db.r6g.2xlarge"}, + {Name: "R6G_4XLarge", Value: "db.r6g.4xlarge"}, + {Name: "R6G_8XLarge", Value: "db.r6g.8xlarge"}, + {Name: "R6G_12XLarge", Value: "db.r6g.12xlarge"}, + {Name: "R6G_16XLarge", Value: "db.r6g.16xlarge"}, + {Name: "X1_16XLarge", Value: "db.x1.16xlarge"}, + {Name: "X1_32XLarge", Value: "db.x1.32xlarge"}, + {Name: "X1E_XLarge", Value: "db.x1e.xlarge"}, + {Name: "X1E_2XLarge", Value: "db.x1e.2xlarge"}, + {Name: "X1E_4XLarge", Value: "db.x1e.4xlarge"}, + {Name: "X1E_8XLarge", Value: "db.x1e.8xlarge"}, + {Name: "X1E_32XLarge", Value: "db.x1e.32xlarge"}, + }, + }, + "aws:rds/StorageType:StorageType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Standard", Value: "standard"}, + {Name: "GP2", Value: "gp2"}, + {Name: "GP3", Value: "gp3"}, + {Name: "IO1", Value: "io1"}, + }, + }, + "aws:route53/RecordType:RecordType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Value: "A"}, + {Value: "AAAA"}, + {Value: "CNAME"}, + {Value: "CAA"}, + {Value: "MX"}, + {Value: "NAPTR"}, + {Value: "NS"}, + {Value: "PTR"}, + {Value: "SOA"}, + {Value: "SPF"}, + {Value: "SRV"}, + {Value: "TXT"}, + }, + }, + "aws:s3/CannedAcl:CannedAcl": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + Description: "See https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl", + }, + Enum: []schema.EnumValueSpec{ + {Name: "Private", Value: "private"}, + {Name: "PublicRead", Value: "public-read"}, + {Name: "PublicReadWrite", Value: "public-read-write"}, + {Name: "AwsExecRead", Value: "aws-exec-read"}, + {Name: "AuthenticatedRead", Value: "authenticated-read"}, + {Name: "BucketOwnerRead", Value: "bucket-owner-read"}, + {Name: "BucketOwnerFullControl", Value: "bucket-owner-full-control"}, + {Name: "LogDeliveryWrite", Value: "log-delivery-write"}, + }, + }, + "aws:ssm/ParameterType:ParameterType": { + ObjectTypeSpec: schema.ObjectTypeSpec{ + Type: "string", + }, + Enum: []schema.EnumValueSpec{ + {Value: "String"}, + {Value: "StringList"}, + {Value: "SecureString"}, + }, + }, +} + +func init() { + maps.Copy(extraTypes, typeOverlays) +}